The eduroam wireless network uses the international 802.1X standard for authentication and the Wifi Alliance Protected Access (WPA) standard for secure encryption of data following authentication.
The eduroam wireless network uses certificates issued by the TERENA Certificate Service (TCS). This means that the first time you connect to the eduroam network you will be asked to trust this certificate.
The TERENA SSL CA certificate is signed by UTN-USERFirst-Hardware which is then signed by Comodo AddTrust External CA Root.
Certificates can be checked for authenticity by checking their certificate fingerprints (SHA-1 or MD5)
If you are having problems with certificates or cannot get your device working you may need to download and install the certificates below to your device.
You should only need to import the AddTrust External CA Root certificate into your device. If that doesn't work try importing all three certificates. Each certificate is available in two formats: Base64 or DER.
Most devices will work with either format, however for Nokia/Symbian series phones you should use the DER format certificate.
This article was published on Oct 14, 2013